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In the Claims: 

This listing of claims will replace all prior versions and listings of claims in the 
application: 

1 1 . (previously presented) A method for producing ephemeral, symmetric encryption keys at a 

2 first station for mutual authentication and secure distribution of a random session-specific 

3 symmetric encryption key in a communication session with a second station, comprising: 

4 assigning a session key in the first station, in response to a request to initiate a 

5 communication session received by the first station during a session key initiation interval for 

6 use in a first exchange of a plurality of exchanges executed for distributing the symmetric 

7 encryption key produced for use in the communication session; 

8 associating, in the first station, a set of intermediate data keys, different from said session 

9 key, with said request for use in said plurality of exchanges; 

10 in the first exchange, sending at least one message carrying said session key to the second 

1 1 station, and receiving a response from the second station including a shared parameter, which is 

12 shared between the first station and the second station, or between the first station and a user at 

13 the second station, the shared parameter being encrypted using said session key to verify receipt 

14 of the session key by the second station and to identify the second station or the user of the 

15 second station; and 

16 in another exchange in the plurality of exchanges, sending, after verifying in said first 

17 station receipt of the session key by the second station, at least one message carrying an 

1 8 encrypted version of one of the intermediate data keys from said set of intermediate data keys to 

19 be accepted as the symmetric encryption key for use by the first and second stations during the 

20 communication session. 

1 2. (previously presented) The method of claim 1, including distributing symmetric encryption 

2 keys for use in a plurality of communication sessions using respective pluralities of exchanges, 

3 and using said session key for first exchanges in the respective pluralities of exchanges for 

4 initiating communication sessions in the plurality of communication sessions initiated with the 

5 first station, during said session key initiation interval, and using other session keys after expiry 

6 of said session key initiation interval. 
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1 3. (previously presented) The method of claim 2, including associating a unique set of 

2 intermediate data keys with each session key. 

1 4. (previously presented) The method of claim 1, including: 

2 providing a buffer at the first station; 

3 storing an ephemeral set of session keys in the buffer for respective session key lifetimes; 

4 associating respective session key initiation intervals with said session keys stored in said 

5 buffer; 

6 using session keys from the set of session keys from said buffer as session keys in 

7 response to requests received by said first station during said respective, associated session key 

8 initiation intervals; 

9 removing session keys from said buffer upon expiry of the respective session key 



10 lifetimes. 

1 5. (canceled) 

1 6. (previously presented) The method of claim 4, wherein the session key lifetimes have 

2 respective lengths longer or equal to a time required for the plurality of exchanges used to 

3 distribute the symmetric encryption key for use in a communication session can be completed in 

4 expected circumstances. 

1 7. (previously presented) The method of claim 4, wherein the session key lifetimes have 

2 respective lengths which are a multiple M times a time required for the plurality of exchanges 

3 used to distribute the symmetric encryption key for use in a communication session can be 



4 completed in expected circumstances, where M is less than or equal to 10. 

1 8. (previously presented) A data processing apparatus, comprising: 

2 a processor associated with a first station, a communication interface adapted for 

3 connection to a communication medium, and memory storing instructions for execution by the 

4 data processor, the instructions including 

5 logic to receive a request via the communication interface for initiation of a 
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6 communication session between a first station and a second station; 

7 logic to provide symmetric encryption keys in response to a request received by said 

8 processor for initiation of a communication session between the first station and the second 

9 station, including logic to execute a plurality of exchanges to distribute the symmetric encryption 

10 key for use in the communication session, logic to provide a session key for use during a session 

1 1 key initiation interval, and to associate, in said first station, a set of intermediate data keys, 

12 different from said session key, with said request for use in said plurality of exchanges, and logic 

13 to send in a first exchange in said plurality of exchanges at least one message carrying said 

14 session key to the second station, and to receive a response from the second station including a 

15 shared parameter encrypted using said session key to verify receipt of the session key and to 

16 identify the second station or the user of the second station; and 

17 logic to send, after verifying receipt of the session key at the second station, at least one 

18 message carrying, in another exchange in said plurality of exchanges, an encrypted version of 

19 one of said set of intermediate data keys to be accepted as the symmetric encryption key for use 

20 by the first and second stations during the communication session. 

1 9. (previously presented) The apparatus of claim 8, including logic to distribute symmetric 

2 encryption keys for use in a plurality of communication sessions using respective pluralities of 

3 exchanges, and to use said session key for first exchanges in the respective pluralities of 

4 exchanges for distributing the symmetric encryption keys in the plurality of communication 

5 sessions initiated with the first station, during said session key initiation interval, and to use other 

6 session keys after expiry of said session key initiation interval. 

1 10. (previously presented) The apparatus of claim 9, including logic to associate a unique set of 

2 intermediate data keys with each session key. 

1 11. (previously presented) The apparatus of claim 8, including 

2 a buffer at the first station; 

3 logic to store a set of session keys in the buffer for respective session key lifetimes, to 

4 associate respective session key initiation intervals with particular session keys in said set of 

5 session keys stored in said buffer, to use session keys from said buffer as session keys in 
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6 response to requests received by said first station during said respective session key initiation 

7 intervals, and to remove session keys in said set of session keys from said buffer after expiry of 

8 the respective session key lifetimes. 

1 12. (canceled). 

1 13. (previously presented) The apparatus of claim 11, wherein the session key lifetimes have 

2 respective lengths longer or equal to a time required for the plurality of exchanges used to 

3 distribute the secret encryption key for use in a communication session can be completed in 

4 expected circumstances, and including logic to remove said session keys in said set of session 

5 keys from said buffer after expiry of the session key lifetimes. 

1 14. (previously presented) The apparatus of claim 1 1 , wherein the session key lifetimes have 

2 respective lengths which are a multiple M times a time required for the plurality of exchanges 

3 used to distribute the secret encryption key for use in a communication session can be completed 

4 in expected circumstances, and including logic to remove said session keys in said set of session 

5 keys from said buffer after expiry of the session key lifetimes. 

1 15. (previously presented) An article, comprising: 

2 machine readable data storage medium having computer program instructions stored 

3 therein for establishing a communication session on a communication medium between a first 

4 data processing station and a second data processing station having access to the communication 

5 medium, said instructions comprising 

6 logic to receive a request via the communication interface for initiation of a 

7 communication session between a first station and a second station; 

8 logic to provide symmetric encryption keys in response to a request received by said 

9 processor for initiation of a communication session between the first station and the second 

10 station, including logic to execute a plurality of exchanges to distribute the symmetric encryption 

1 1 key for use in the communication session, logic to provide a session key for use during a session 

12 key initiation interval, and to associate, in said first station, a set of intermediate data keys, 

13 different from said session key, with said request for use in said plurality of exchanges, and logic 
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14 to send in a first exchange in said plurality of exchanges at least one message carrying said 

15 session key to the second station, and to receive a response from the second station including a 

16 shared parameter encrypted using said session key to verify receipt of the session key and to 

17 identify the second station or the user of the second station; and 

18 logic to send, after verifying receipt of the session key at the second station, at least one 

19 message carrying, in another exchange in said plurality of exchanges, an encrypted version of 

20 one of said set of intermediate data keys to be accepted as the symmetric encryption key for use 

21 by the first and second stations during the communication session. 

1 16. (previously presented) The article of claim 15, wherein the instructions include logic to 

2 distribute secret encryption keys for use in a plurality of communication sessions using 

3 respective pluralities of exchanges, and to use said session key for first exchanges in the 

4 respective pluralities of exchanges for assigning secret encryption keys in the plurality of 

5 communication sessions initiated with the first station, during said session key initiation interval, 

6 and to use other session keys after expiry of said session key initiation interval. 

1 17. (previously presented) The article of claim 16, wherein the instructions include logic to 

2 associate a unique set of ephemeral intermediate data keys with each session key. 

1 18. (previously presented) The article of claim 15, 

2 the first station includes a buffer; and 

3 the instructions include logic to store a set of session keys in the buffer for respective 

4 session key lifetimes, to associate respective session key initiation intervals with particular 

5 session keys in said set of session keys stored in said buffer, to use session keys from said buffer 

6 as session keys in response to requests received by said first station during said respective 

7 session key initiation intervals, and to remove session keys in said set of session keys from said 

8 buffer after expiry of the respective session key lifetimes. 

1 19. (canceled). 
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1 20. (previously presented) The article of claim 18, wherein the session key lifetimes have 

2 respective lengths longer or equal to a time required for the plurality of exchanges used to 

3 distribute the secret encryption key for use in a communication session can be completed in 

4 expected circumstances, and the instructions include logic to remove said session keys in said set 

5 of session keys from said buffer after expiry of the session key lifetimes. 

1 21. (previously presented) The article of claim 1 8, wherein the session key lifetimes have 

2 respective lengths which are a multiple M times a time required for the plurality of exchanges 

3 used to distribute the secret encryption key for use in a communication session can be completed 

4 in expected circumstances, and the instructions include logic to remove said session keys in said 

5 set of session keys from said buffer after expiry of the session key lifetimes. 

1 22. (previously presented) The method of claim 1 , wherein the encrypted version of one of said 

2 set of intermediate data keys to be accepted as the symmetric encryption key is encrypted using a 

3 shared secret credential. 

1 23. (currently amended) The method of claim 1, wherein the plurality of exchanges includes an 

2 iterative process including n iterations, in which for each iteration (i), the first station sends a 

3 message carrying intermediate data key (i) encrypted with intermediate data key (i-1), [[and]] the 

4 second station obtains intermediate key (i) by decrypting the message with intermediate key (i-1) 

5 and returns a message to the first station carrying a hashed version of the intermediate data key 

6 (i) encrypted using the intermediate data key (i), and the first station decrypts the hashed version 

7 of intermediate data key (1) using intermediate data key (i), and determines that the hash version 

8 of intermediate data key (i) matches an expected version of by intermediate data key (i), until the 

9 n-th iteration in which the first station sends intermediate data key (n) as the encrypted version of 

10 one of said set of intermediate data keys to be accepted as the symmetric encryption key, 

1 1 encrypted using a first shared secret credential, [[and]] the second station, after obtaining 

12 intermediate data key (n) by decrypting the message with the first shared secret credential, 

13 returns a message to the first station carrying a hashed version of intermediate data key (n) 

14 encrypted using the first shared secret credential, and the first station decrypts the hashed version 

15 of intermediate data key (n) using the first shared secret credential, and determines that the 
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16 hashed version of intermediate data key (n) matches an expected version of by intermediate data 

17 key (n), and in (n+l)-th iteration, the first station sends intermediate data key (n) encrypted using 

18 a second shared secret credential, and the second station, after obtaining intermediate data key 

19 (n) by decrypting the message with the second shared secret credential, returns a message to the 

20 first station carrying a hashed version of intermediate data key (n) encrypted using the second 

21 shared secret credential , and the first station decrypts the hashed version of intermediate data key 

22 (n) using the second shared secret credential and determines that the hashed version of 

23 intermediate data key (n) matches an expected version of by intermediate data key (n) . 

1 24. (currently amended) The method of claim 1, wherein the plurality of exchanges includes an 

2 iterative process including n iterations, in which for each iteration (i), the first station sends a 

3 message carrying intermediate data key (i) encrypted with intermediate data key (i-1), [[and]] the 

4 second station obtains intermediate data key (i) by decrypting the message with intermediate data 

5 key (i-1), and returns a message to the first station carrying a hashed version of the intermediate 

6 data key (i) encrypted using the intermediate data key (i) . and the first station decrypts the 

7 hashed version of intermediate data key (i) using intermediate data key (i), and determines that 

8 the hash version of intermediate data key (i) matches an expected version of by intermediate data 

9 key (i). until the n-th iteration in which the first station sends intermediate data key (n) as the 

10 encrypted version of one of said set of intermediate data keys to be accepted as the symmetric 

1 1 encryption key, encrypted using a first shared secret credential and intermediate data key (n-1), 

12 and the second station, after obtaining intermediate data key (n) by decrypting the message with 

13 the first shared secret credential and intermediate data key (n-1), returns a message to the first 

14 station carrying a hashed version of intermediate data key (n) encrypted using the first shared 

15 secret credential and intermediate data key (n), and the first station decrypts the hashed version 

16 of intermediate data key (n) using the first shared secret credential and intermediate data key (n), 

17 and determines that the hashed version of intermediate data key (n) matches an expected version 

1 8 of by intermediate data key (n), and in (n+l)-th iteration the first station sends intermediate data 

19 key (n) encrypted using a second shared secret credential and intermediate data key (n), and the 

20 second station after obtaining intermediate data key (n) by decrypting the message with the 

21 second shared secret credential and intermediate data key (n), returns a message to the first 

22 station carrying a hashed version of intermediate data key (n) encrypted using the second shared 
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23 secret credential and intermediate key (n) , and the first station decrypts the hashed version of 

24 intermediate data key (n) using the second shared secret credential and intermediate data key (n), 

25 and determines that the hashed version of intermediate data key (n) matches an expected version 

26 of by intermediate data key (n) . 

1 25. (previously presented) The apparatus of claim 8, wherein the encrypted version of one of said 

2 set of intermediate data keys to be accepted as the symmetric encryption key is encrypted using a 

3 shared secret credential. 

1 26. (currently amended) The apparatus of claim 8, wherein the plurality of exchanges includes an 

2 iterative process including n iterations, in which for each iteration (i), the first station sends a 

3 message carrying intermediate data key (i) encrypted with intermediate data key (i-1), [[and]] the 

4 second station obtains intermediate key (i) by decrypting the message with intermediate key (i-1) 

5 and returns a message to the first station carrying a hashed version of the intermediate data key 

6 (i) encrypted using the intermediate data key (i), and the first station decrypts the hashed version 

7 of intermediate data key (T) using intermediate data key (i), and determines that the hash version 

8 of intermediate data key (T) matches an expected version of by intermediate data key (i), until the 

9 n-th iteration in which the first station sends intermediate data key (n) as the encrypted version of 

10 one of said set of intermediate data keys to be accepted as the symmetric encryption key, 

1 1 encrypted using a first shared secret credential, and the second station, after obtaining 

12 intermediate data key (n) by decrypting the message with the first shared secret credential, 

13 returns a message to the first station carrying a hashed version of intermediate data key (n) 

14 encrypted using the first shared secret credential, and the first station decrypts the hashed version 

15 of intermediate data key (n) using the first shared secret credential, and determines that the 

16 hashed version of intermediate data key (n) matches an expected version of by intermediate data 

17 key (n), and in (n+l)-th iteration, the first station sends intermediate data key (n) encrypted using 

1 8 a second shared secret credential, and the second station, after obtaining intermediate data key 

19 (n) by decrypting the message with the second shared secret credential, returns a message to the 

20 first station carrying a hashed version of intermediate data key (n) encrypted using the second 

21 shared secret credential , and the first station decrypts the hashed version of intermediate data key 
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22 (n) using the second shared secret credential, and determines that the hashed version of 

23 intermediate data key (n) matches an expected version of by intermediate data key (n) . 

1 27. (currently amended) The apparatus of claim 8, wherein the plurality of exchanges includes an 

2 iterative process including n iterations, in which for each iteration (i), the first station sends a 

3 message carrying intermediate data key (i) encrypted with intermediate data key (i-1), [[and]] the 

4 second station obtains intermediate data key (i) by decrypting the message with intermediate data 

5 key (i-1), and returns a message to the first station carrying a hashed version of the intermediate 

6 data key (i) encrypted using the intermediate data key (i), and the first station decrypts the 

7 hashed version of intermediate data key (i) using intermediate data key (i), and determines that 

8 the hash version of intermediate data key (i) matches an expected version of by intermediate data 

9 key (i), until the n-th iteration in which the first station sends intermediate data key (n) as the 

10 encrypted version of one of said set of intermediate data keys to be accepted as the symmetric 

1 1 encryption key, encrypted using a first shared secret credential and intermediate data key (n-1), 

12 and the second station, after obtaining intermediate data key (n) by decrypting the message with 

13 the first shared secret credential and intermediate data key (n-1), returns a message to the first 

14 station carrying a hashed version of intermediate data key (n) encrypted using the first shared 

1 5 secret credential and intermediate data key (n), and the first station decrypts the hashed version 

16 of intermediate data key (n) using the first shared secret credential and intermediate data key (n), 

17 and determines that the hashed version of intermediate data key (n) matches an expected version 

18 of by intermediate data key (n), and in (n+l)-th iteration the first station sends intermediate data 

19 key (n) encrypted using a second shared secret credential and intermediate data key (n), and the 

20 second station after obtaining intermediate data key (n) by decrypting the message with the 

21 second shared secret credential and intermediate data key (n), returns a message to the first 

22 station carrying a hashed version of intermediate data key (n) encrypted using the second shared 

23 secret credential and intermediate key (n) , and the first station decrypts the hashed version of 

24 intermediate data key (n) using the second shared secret credential and intermediate data key (n), 

25 and determines that the hashed version of intermediate data key (n) matches an expected version 

26 of by intermediate data key (n) . 
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1 28. (previously presented) The article of claim 15, wherein the encrypted version of one of said 

2 set of intermediate data keys to be accepted as the symmetric encryption key is encrypted using a 

3 shared secret password. 

1 29. (currently amended) The article of claim 15, wherein the plurality of exchanges includes an 

2 iterative process including n iterations, in which for each iteration (i), the first station sends a 

3 message carrying intermediate data key (i) encrypted with intermediate data key (i-1), [[and]] the 

4 second station obtains intermediate key (i) by decrypting the message with intermediate key (i-1) 

5 and returns a message to the first station carrying a hashed version of the intermediate data key 

6 (i) encrypted using the intermediate data key (i), and the first station decrypts the hashed version 

7 of intermediate data key (T) using intermediate data key (i), and determines that the hash version 

8 of intermediate data key (T) matches an expected version of by intermediate data key (T), until the 

9 n-th iteration in which the first station sends intermediate data key (n) as the encrypted version of 

10 one of said set of intermediate data keys to be accepted as the symmetric encryption key, 

1 1 encrypted using a first shared secret credential, and the second station, after obtaining 

12 intermediate data key (n) by decrypting the message with the first shared secret credential, 

13 returns a message to the first station carrying a hashed version of intermediate data key (n) 

14 encrypted using the first shared secret credential, and the first station decrypts the hashed version 

15 of intermediate data key (n) using the first shared secret credential and determines that the 

16 hashed version of intermediate data key (n) matches an expected version of by intermediate data 

17 key (n), and in (n+l)-th iteration, the first station sends intermediate data key (n) encrypted using 

18 a second shared secret credential, and the second station, after obtaining intermediate data key 

19 (n) by decrypting the message with the second shared secret credential, returns a message to the 

20 first station carrying a hashed version of intermediate data key (n) encrypted using the second 

21 shared secret credential , and the first station decrypts the hashed version of intermediate data key 

22 (n) using the second shared secret credential, and determines that the hashed version of 

23 intermediate data key (n) matches an expected version of by intermediate data key (n) . 

1 30. (currently amended) The article of claim 15, wherein the plurality of exchanges includes an 

2 iterative process including n iterations, in which for each iteration (i), the first station sends a 

3 message carrying intermediate data key (i) encrypted with intermediate data key (i-1), [[and]] the 
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4 second station obtains intermediate data key (i) by decrypting the message with intermediate data 

5 key (i-1), and returns a message to the first station carrying a hashed version of the intermediate 

6 data key (i) encrypted using the intermediate data key (T), and the first station decrypts the 

7 hashed version of intermediate data key (i) using intermediate data key (T), and determines that 

8 the hash version of intermediate data key (i) matches an expected version of by intermediate data 

9 key (T), until the n-th iteration in which the first station sends intermediate data key (n) as the 

10 encrypted version of one of said set of intermediate data keys to be accepted as the symmetric 

1 1 encryption key, encrypted using a first shared secret credential and intermediate data key (n-1), 

12 and the second station, after obtaining intermediate data key (n) by decrypting the message with 

13 the first shared secret credential and intermediate data key (n-1 ), returns a message to the first 

14 station carrying a hashed version of intermediate data key (n) encrypted using the first shared 

15 secret credential and intermediate data key (n), and the first station decrypts the hashed version 

16 of intermediate data key (n) using the first shared secret credential and intermediate data key (n), 

17 and determines that the hashed version of intermediate data key (n) matches an expected version 

1 8 of by intermediate data key (n), and in (n+ 1 )-th iteration the first station sends intermediate data 

19 key (n) encrypted using a second shared secret credential and intermediate data key (n), and the 

20 second station after obtaining intermediate data key (n) by decrypting the message with the 

21 second shared secret credential and intermediate data key (n), returns a message to the first 

22 station carrying a hashed version of intermediate data key (n) encrypted using the second shared 

23 secret credential and intermediate key (n) , and the first station decrypts the hashed version of 

24 intermediate data key (n) using the second shared secret credential and intermediate data key (n), 

25 and determines that the hashed version of intermediate data key (n) matches an expected version 

26 of by intermediate data key (n) . 
/// 
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